author | rwatson <rwatson@FreeBSD.org> | 2007-04-16 15:37:10 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-04-16 15:37:10 +0000 |
commit | 9d9ec51b2c47983a8f8c8d48ed2fca487c2b272a (patch) | |
tree | 103f2ad3fab79dfe5e3b4ca02ebf1d9c1e2e4e82 /contrib/openbsm/README | |
parent | 6b46b736cc84f6697b21608e304026e847ac155d (diff) | |

Vendor import TrustedBSD OpenBSM 1.0 alpha 14, with the following change
history notes since the last import:

OpenBSM 1.0 alpha 14

- Fix endian issues when processing IPv6 addresses for extended subject
  and process tokens.
- gcc41 warnings clean.
- Teach audit_submit(3) about getaudit_addr(2).
- Add support for zonename tokens.

OpenBSM 1.0 alpha 13

- compat/clock_gettime.h now provides a compatibility implementation of
  clock_gettime(), which fixes building on Mac OS X.
- Countless man page improvements, markup fixes, content fixes, etc.
- XML printing support via "praudit -x".
- audit.log.5 expanded to include additional BSM token types.
- Added encoding and decoding routines for process64_ex, process32_ex,
  subject32_ex, header64, and attr64 tokens.
- Additional audit event identifiers for listen, mlockall/munlockall,
  getpath, POSIX message queues, and mandatory access control.

Approved by: re (bmah)
MFC after: 3 weeks
Obtained from: TrustedBSD Project

Diffstat (limited to 'contrib/openbsm/README')
-rw-r--r-- | contrib/openbsm/README | 41 |
1 files changed, 27 insertions, 14 deletions
diff --git a/contrib/openbsm/README b/contrib/openbsm/README index 636dbee..2c45da1 100644 --- a/contrib/openbsm/README +++ b/contrib/openbsm/README @@ -3,11 +3,13 @@ OpenBSM 1.0 Introduction OpenBSM provides an open source implementation of Sun's BSM Audit API. -Originally created under contract to Apple Computer by McAfee Research, -this implementation is now maintained by volunteers and the generous -contribution of several organizations. Coupled with a kernel audit -implementation, OpenBSM can be used to maintain system audit streams, and -is a foundation for an Audit-enabled system. +Originally created under contract to Apple Computer by McAfee Research, this +implementation is now maintained by volunteers and the generous contribution +of several organizations. Coupled with a kernel audit implementation, +OpenBSM can be used to maintain system audit streams, and is a foundation for +an Audit-enabled system. Portions of OpenBSM, including include files and +token-building routines, are reusable in a kernel audit implementation, and +may be found in the FreeBSD and Mac OS X kernels. Contents 
@@ -15,13 +17,22 @@ OpenBSM consists of several directories: bin/ Audit-related command line tools bsm/ System include files for BSM + compat/ Compatibility code to build on various OS's etc/ Sample /etc/security configuration files libbsm/ Implementation of BSM library interfaces and man pages man/ System call and configuration file man pages + modules/ Directory for auditfilterd module source + test/ Test token sets and geneneration program + tools/ Tool directory, including audump to dump databases -OpenBSM currently builds on FreeBSD and Darwin. With Makefile adjustment -and minor tweaks, it should build without problems on a broad range of -POSIX-like systems. +The following programs are included with OpenBSM: + + audit Command line audit control tool + auditd Audit management daemon + auditfilterd Experimental event monitoring framework + auditreduce Audit trail reduction tool + audump Debugging tool to parse and print audit databases + praudit Tool to print audit trails Building @@ -29,7 +40,7 @@ OpenBSM is currently built using autoconf and automake, which should allow for building on a range of operating systems, including FreeBSD, Mac OS X, and Linux. Depending on the availability of audit facilities in the underlying operating system, some components that depend on kernel audit -support are built conditionally. Typically, build will be performed using +support are built conditionally. Typically, build will be performed using: ./configure make 
@@ -51,13 +62,12 @@ directory the correct libbsm is used: You will need to manually propagate openbsm/etc/* into /etc on your system; this is not done automatically so as to avoid disrupting the current -configuration. Currently, the locations of these files is not -configurable. +configuration. Currently, the locations of these files is not configurable. Credits -The following organizations and individuals have contributed substantially -to the development of OpenBSM: +The following organizations and individuals have contributed substantially to +the development of OpenBSM: Apple Computer, Inc. McAfee Research, McAfee, Inc. @@ -76,6 +86,9 @@ to the development of OpenBSM: Martin Fong Pawel Worach Martin Englund + Ruslan Ermilov + Martin Voros + Diego Giagio In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel Software's FlexeLint tool were used to identify a number of bugs in the @@ -97,4 +110,4 @@ Information on TrustedBSD may be found on the TrustedBSD home page: http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#19 $ +$P4: //depot/projects/trustedbsd/openbsm/README#23 $ |
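
Review bot: In the hunk at @@ -15,13 +17,22 @@, the new "test/" entry misspells "generation" as "geneneration"; since the line is being added here, correct it before import. On the new "compat/" line in the same hunk, "OS's" would read better as "operating systems".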
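
Review bot: In the hunk at @@ -51,13 +62,12 @@, the rejoined line "Currently, the locations of these files is not configurable." carries over a subject-verb mismatch; as the line is rewritten anyway, change "is" to "are" (or use the singular "location").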
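
Review bot: In the hunk at @@ -3,11 +3,13 @@, the added sentence "Portions of OpenBSM, including include files and token-building routines, ..." repeats "including include", which is easy to misread; "such as the include files and token-building routines" says the same thing more cleanly. Most of this hunk is a re-wrap of unchanged text, so the one new sentence is hard to spot; keeping the re-wrap separate from the content change would make the diff easier to audit.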